To perform control on security and stability of a system of a terminal, an invocation permission may be set for a system function provided by the system. Only an application program that has a permission to invoke the system function can invoke the system function, and the system function may be implemented by an application programming interface (API).
In the prior art, a system function invoking method is provided. After acquiring a highest permission of the system, a management program may read permission information of each application program and present the read permission information to a user, so that the user performs disabling setting on some permissions in the permission information, and forms permissions for which disabling is set into a permission database, and the management program may forbid the application program from invoking a system function corresponding to a permission in the permission database.
An existing management program needs to acquire the highest permission of the system, but the acquiring of the highest permission brings an insecure factor. In addition, disabling setting of a system function is applicable only to one application program, and if another application program also needs to disable the system function, the user needs to separately perform disabling setting for the system function in the other application program. When there are multiple application programs, the user needs to frequently perform disabling setting, which increases operation complexity of system function invocation and reduces efficiency of system function invocation.